Skip to content
@RhinoSecurityLabs

Rhino Security Labs

A boutique penetration testing and security assessment firm in Seattle, WA.

Pinned Loading

  1. pacu pacu Public

    The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

    Python 4.4k 701

  2. cloudgoat cloudgoat Public

    CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

    Python 3k 623

  3. CVEs CVEs Public

    A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

    Python 800 239

  4. IAMActionHunter IAMActionHunter Public

    An AWS IAM policy statement parser and query tool.

    Python 157 12

  5. IPRotate_Burp_Extension IPRotate_Burp_Extension Public

    Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

    Python 817 145

  6. ccat ccat Public

    Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

    Python 591 101

Repositories

Showing 10 of 20 repositories
  • pacu Public

    The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

    RhinoSecurityLabs/pacu’s past year of commit activity
    Python 4,400 BSD-3-Clause 701 21 3 Updated Nov 14, 2024
  • cloudgoat Public

    CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

    RhinoSecurityLabs/cloudgoat’s past year of commit activity
    Python 2,975 BSD-3-Clause 623 11 (1 issue needs help) 12 Updated Nov 10, 2024
  • CVEs Public

    A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

    RhinoSecurityLabs/CVEs’s past year of commit activity
    Python 800 BSD-3-Clause 239 0 0 Updated Nov 8, 2024
  • IPRotate_Burp_Extension Public

    Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

    RhinoSecurityLabs/IPRotate_Burp_Extension’s past year of commit activity
    Python 817 145 2 0 Updated May 14, 2024
  • GCP-IAM-Privilege-Escalation Public

    A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

    RhinoSecurityLabs/GCP-IAM-Privilege-Escalation’s past year of commit activity
    Python 343 BSD-3-Clause 74 5 3 Updated Apr 18, 2024
  • IAMActionHunter Public

    An AWS IAM policy statement parser and query tool.

    RhinoSecurityLabs/IAMActionHunter’s past year of commit activity
    Python 157 Apache-2.0 12 0 0 Updated Feb 13, 2024
  • GCPBucketBrute Public

    A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

    RhinoSecurityLabs/GCPBucketBrute’s past year of commit activity
    Python 483 BSD-3-Clause 85 5 2 Updated May 26, 2023
  • dsnap Public

    Utility for downloading and mounting EBS snapshots using the EBS Direct API's

    RhinoSecurityLabs/dsnap’s past year of commit activity
    Python 74 BSD-3-Clause 9 6 2 Updated Feb 8, 2023
  • Swagger-EZ Public

    A tool geared towards pentesting APIs using OpenAPI definitions.

    RhinoSecurityLabs/Swagger-EZ’s past year of commit activity
    JavaScript 169 BSD-3-Clause 37 1 0 Updated Oct 27, 2022
  • CloudScraper Public Forked from jordanpotti/CloudScraper

    CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

    RhinoSecurityLabs/CloudScraper’s past year of commit activity
    Python 27 MIT 110 0 1 Updated Mar 7, 2022

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…